As a side note:
This configuration disables IE6 from even viewing your site over SSL, as it does not support TLS1.0+. We also include DES-CBC3-SHA / TLS_RSA_WITH_3DES_EDE_CBC_SHA so that IE8 on Windows XP will work. If you don’t care about IE8/WINXP, then feel free to disable this cipher as well. RC4 was recommended to mitigate against the BEAST attack, but all major browsers have patched against BEAST so we don’t care about that as much any more.

To get an A+ on SSL Labs, have your web server add the following header for sites that are forcing SSL (nginx in this example):

There is grandeur in this view of life, with its several powers, having been originally breathed into a few forms or into one; and that, whilst this planet has gone cycling on according to the fixed law of gravity, from so simple a beginning endless forms most beautiful and most wonderful have been, and are being, evolved. -- Charles Darwin